Securing Electronic Medical Records Still Causing Headaches
Tripwire announces new solution for easily monitoring EMRs for risks and maintaining compliance
PORTLAND, Ore. – November 08, 2017 – Electronic Medical Records (EMR) have been widely adopted by healthcare providers to improve operational efficiency and patient care. As with the adoption of any new technology that continues to evolve, with benefits come risks. EMRs have given rise to new considerations around cyber risk for healthcare providers and have helped spark a conversation around the potential impact cyber security can have on patients.
When it comes to securing EMRs, the top concern is around protecting patient information, specifically “electronic Protected Health Information” (ePHI). The Health Insurance Portability and Accountability Act (HIPAA) was established to address this; it set a national set of minimum security standards for protecting all ePHI under the HIPAA Security Rule.
“There’s more to protect, fewer resources with which to do it, and more change alerts than one person can handle. And yet, many providers are still trying to manage security and compliance for their EMRs manually,” said Tim Erlin, vice president of product management and strategy at Tripwire. “A manual process will not actually be able to answer a good auditors’ questions. Home-grown scripts are concerning to an auditor; they prefer third party effort. On top of all that, cyberattacks can go undetected if not monitored in real time.”
For healthcare security leaders who need to protect EMR systems, Tripwire provides integrity monitoring and secure configuration management to protect against unauthorized changes. Expanding upon its existing support for EPIC systems, Tripwire’s automated EMR security and compliance solution now supports Cerner and Allscripts systems. As an extension of Tripwire Enterprise, the EMR solution also alerts users to possible insider threats with capabilities for managing administrative privileges. Finally, the EMR Security & Compliance helps providers achieve and maintain compliance with HIPAA and NIST 800-(53 & 171) across the entire EMR environment including file systems, AD/LDAP, and databases.With a comprehensive solution for implementing foundational security controls, healthcare providers can meet their security and compliance needs while maintaining operational excellence and enhancing patient care with more confidence.
Tripwire is the trusted leader for establishing a strong cybersecurity foundation. Partnering with Fortune 500 enterprises, industrial organizations and government agencies, Tripwire protects the integrity of mission-critical systems spanning physical, virtual, cloud and DevOps environments. Tripwire’s award-winning portfolio delivers top critical security controls, including asset discovery, secure configuration management, vulnerability management and log management. As the pioneers of file integrity monitoring (FIM), Tripwire’s expertise is built on a 20+ year history of innovation helping organizations discover, minimize and monitor their attack surfaces.
Learn more at https://www.tripwire.com/, get security news, trends and insights at www.tripwire.com/blog, or connect with us on LinkedIn, Twitter and Facebook.